Hybrid, Garching bei München Are you passionate about safeguarding businesses from cybersecurity threats? Do you excel in risk analysis and want to make a significant impact in a global environment? Amer Sports is seeking a dedicated Cybersecurity Risk Analyst to join our team in Munich. In this role, you will work closely with business and IT teams to identify, assess, and mitigate cybersecurity risks, ensuring our projects are secure by design. What you will be doing: Risk Assessment & Security by Design: Conduct security risk assessments in line with ISO 27005 and internal methodologies, ensuring security is embedded throughout project lifecycles, from initial analysis to final delivery. Collaborate with project teams to provide security recommendations, document assessments, and track remediation plans. Security Review & Technical Support: Evaluate security architectures, cloud and network integrations, and critical applications, identifying objectives and defining remediation plans. Assist Sec DevOps teams and security champions with CI/CD security, API security, and secure architecture, acting as a cybersecurity expert and advisor. Stakeholder Engagement & Framework Enhancement: Serve as a cybersecurity e, advising business and IT stakeholders on best practices and security solutions. Lead or contribute to projects aimed at improving security frameworks, maturity levels, and developing KPI/KRI dashboards to monitor progress. Control & Compliance Management: Oversee the implementation of security controls, working closely with the GRC team to ensure compliance and create actionable plans. Maintain and update the cybersecurity risk register, tracking strategic and operational risks, and ensuring effective communication with all relevant parties. Training & Awareness: Lead risk awareness training sessions for new product owners and project managers, fostering a culture of cybersecurity within the organization. Organize and manage penetration tests, vendor audits, and other security validation efforts to ensure infrastructure and applications meet security standards before going live. What you need to succeed: Experience: Minimum of 5 years in a similar role or in GRC-related positions (IT audit, risk management, advisory) within a similar industry. Certifications: One or more of the following certifications is highly desirable: ISO27001 Lead Auditor or Lead Implementer Risk Manager ISO 27005 NIST CSF Certificate of Cloud Security Knowledge (CCSK) Certified Information Systems Security Professional (CISSP) Certified Information System Auditor (CISA) Certified Cloud Security Professional (CCSP) Certified Ethical Hacker (CEH) Education: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. Technical Skills: Proven experience in conducting risk assessments, vendor risk assessments, architecture reviews, and cloud security assessments. Analytical & Communication Skills: Strong analytical abilities with clear, concise communication, making technical details understandable to non-technical stakeholders. Team Collaboration & Leadership: Effective team player with leadership qualities, skilled in adapting communication and convincing stakeholders. Organizational & Project Management Skills: Highly organized, able to manage multiple tasks, and experienced in planning and executing projects efficiently. Resilience & Adaptability: Proactive and adaptable, able to work under pressure while maintaining a positive and solution-oriented approach. What’s in it for you: Meaningful Projects: Contribute to responsible projects with dedicated teams, making a real impact and driving positive change. Engaging Company Culture: Experience a workplace with a strong team spirit and an open, appreciative culture, where you'll feel valued and part of a supportive community. Smooth Transition: Benefit from a comprehensive onboarding program designed to help you integrate seamlessly into our organization. Discounts on Quality Products: Benefit from compelling discounts on our own-brand products (including Salomon, Atomic, Peak Performance, and more) Active Lifestyle: Embrace a healthy lifestyle with a wide range of sports opportunities and access to our on-site gym. Financial Security: Secure your financial future with subsidies for our company pension plan and employee profit-sharing plan. Commute with Ease: Simplify your daily commute with benefits for public transportation. Global Exposure: Collaborate with a diverse, international team spanning North America, Asia Pacific, and beyond. Global Impact: Engage in diverse and challenging projects alongside colleagues from varied backgrounds. Sustainability: Support our sustainability initiatives with bike parking, carpooling options, and an environmental focus. Our Candidate-Centric Hiring Process: At Amer Sports, we believe in making your journey through our hiring process as seamless and engaging as possible. We are committed to finding the best talent to join our team, and we appreciate the effort and time you invest in exploring opportunities with us. Here's a glimpse of what you can expect: CV Screening Phone Screening 1st Interview 2nd Interview Feedback & Decision Apply now If you have any questions or need clarification at any stage of the application process or during your journey with us, please don't hesitate to reach out to julia.stylaamersports.com. We're here to provide you with the support and information you need to make your experience with Amer Sports as smooth and enjoyable as possible. Your success and satisfaction are our top priorities, and we're always here to assist you